Line data Source code
1 : /**
2 : * Copyright Notice:
3 : * Copyright 2021-2026 DMTF. All rights reserved.
4 : * License: BSD 3-Clause License. For full text see link: https://github.com/DMTF/libspdm/blob/main/LICENSE.md
5 : **/
6 :
7 : #include "internal/libspdm_secured_message_lib.h"
8 :
9 742 : void libspdm_session_info_init(libspdm_context_t *spdm_context,
10 : libspdm_session_info_t *session_info,
11 : uint32_t session_id, spdm_version_number_t secured_message_version,
12 : bool use_psk)
13 : {
14 : libspdm_session_type_t session_type;
15 : uint32_t capabilities_flag;
16 :
17 742 : if (session_id != INVALID_SESSION_ID) {
18 451 : if (use_psk) {
19 335 : LIBSPDM_ASSERT((spdm_context->max_psk_session_count == 0) ||
20 : (spdm_context->current_psk_session_count <
21 : spdm_context->max_psk_session_count));
22 335 : spdm_context->current_psk_session_count++;
23 : } else {
24 116 : LIBSPDM_ASSERT((spdm_context->max_dhe_session_count == 0) ||
25 : (spdm_context->current_dhe_session_count <
26 : spdm_context->max_dhe_session_count));
27 116 : spdm_context->current_dhe_session_count++;
28 : }
29 : } else {
30 291 : if (use_psk) {
31 58 : if (spdm_context->current_psk_session_count > 0) {
32 58 : spdm_context->current_psk_session_count--;
33 : }
34 : } else {
35 233 : if (spdm_context->current_dhe_session_count > 0) {
36 62 : spdm_context->current_dhe_session_count--;
37 : }
38 : }
39 : }
40 :
41 742 : capabilities_flag = spdm_context->connection_info.capability.flags &
42 742 : spdm_context->local_context.capability.flags;
43 742 : switch (capabilities_flag &
44 : (SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP |
45 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP)) {
46 249 : case 0:
47 249 : session_type = LIBSPDM_SESSION_TYPE_NONE;
48 249 : break;
49 379 : case (SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP |
50 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP):
51 379 : session_type = LIBSPDM_SESSION_TYPE_ENC_MAC;
52 379 : break;
53 114 : case SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP:
54 114 : session_type = LIBSPDM_SESSION_TYPE_MAC_ONLY;
55 114 : break;
56 0 : default:
57 0 : LIBSPDM_ASSERT(false);
58 0 : session_type = LIBSPDM_SESSION_TYPE_MAX;
59 0 : break;
60 : }
61 :
62 : #if !(LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT)
63 742 : if (session_info->session_transcript.digest_context_th != NULL) {
64 132 : libspdm_hash_free (spdm_context->connection_info.algorithm.base_hash_algo,
65 : session_info->session_transcript.digest_context_th);
66 132 : session_info->session_transcript.digest_context_th = NULL;
67 : }
68 742 : if (session_info->session_transcript.digest_context_th_backup != NULL) {
69 63 : libspdm_hash_free (spdm_context->connection_info.algorithm.base_hash_algo,
70 : session_info->session_transcript.digest_context_th_backup);
71 63 : session_info->session_transcript.digest_context_th_backup = NULL;
72 : }
73 : #endif
74 :
75 742 : libspdm_zero_mem (&(session_info->last_key_update_request), sizeof(spdm_key_update_request_t));
76 742 : libspdm_zero_mem(session_info, offsetof(libspdm_session_info_t, secured_message_context));
77 742 : libspdm_secured_message_init_context(session_info->secured_message_context);
78 742 : session_info->session_id = session_id;
79 742 : session_info->use_psk = use_psk;
80 742 : libspdm_secured_message_set_use_psk(session_info->secured_message_context, use_psk);
81 742 : libspdm_secured_message_set_session_type(session_info->secured_message_context, session_type);
82 :
83 : /* DSP0277 1.2 explicitly specifies a little-endian sequence number. 1.0 and 1.1 leave it up to
84 : * the Integrator to specify. */
85 742 : if ((secured_message_version >> SPDM_VERSION_NUMBER_SHIFT_BIT) >= SECURED_SPDM_VERSION_12) {
86 15 : libspdm_secured_message_set_sequence_number_endian(
87 : session_info->secured_message_context,
88 : LIBSPDM_DATA_SESSION_SEQ_NUM_ENC_LITTLE_DEC_LITTLE);
89 : } else {
90 727 : libspdm_secured_message_set_sequence_number_endian(session_info->secured_message_context,
91 727 : spdm_context->sequence_number_endian);
92 : }
93 :
94 742 : libspdm_secured_message_set_max_spdm_session_sequence_number(
95 : session_info->secured_message_context, spdm_context->max_spdm_session_sequence_number);
96 742 : libspdm_secured_message_set_algorithms(
97 : session_info->secured_message_context,
98 742 : spdm_context->connection_info.version,
99 : secured_message_version,
100 : spdm_context->connection_info.algorithm.base_hash_algo,
101 742 : spdm_context->connection_info.algorithm.dhe_named_group,
102 : spdm_context->connection_info.algorithm.kem_alg,
103 742 : spdm_context->connection_info.algorithm.aead_cipher_suite,
104 742 : spdm_context->connection_info.algorithm.key_schedule);
105 742 : session_info->session_transcript.message_encap_d.max_buffer_size =
106 : sizeof(session_info->session_transcript.message_encap_d.buffer);
107 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
108 : session_info->session_transcript.message_k.max_buffer_size =
109 : sizeof(session_info->session_transcript.message_k.buffer);
110 : session_info->session_transcript.message_f.max_buffer_size =
111 : sizeof(session_info->session_transcript.message_f.buffer);
112 : session_info->session_transcript.message_m.max_buffer_size =
113 : sizeof(session_info->session_transcript.message_m.buffer);
114 : session_info->session_transcript.message_e.max_buffer_size =
115 : sizeof(session_info->session_transcript.message_e.buffer);
116 : session_info->session_transcript.message_encap_e.max_buffer_size =
117 : sizeof(session_info->session_transcript.message_encap_e.buffer);
118 : #endif
119 742 : }
120 :
121 : #if LIBSPDM_ENABLE_CAPABILITY_PSK_CAP
122 77 : void libspdm_session_info_set_psk_hint(libspdm_session_info_t *session_info,
123 : const void *psk_hint,
124 : size_t psk_hint_size)
125 : {
126 77 : libspdm_secured_message_set_psk_hint(
127 : session_info->secured_message_context,
128 : psk_hint,
129 : psk_hint_size);
130 77 : }
131 : #endif /* LIBSPDM_ENABLE_CAPABILITY_PSK_CAP */
132 :
133 1648 : void *libspdm_get_session_info_via_session_id(void *spdm_context, uint32_t session_id)
134 : {
135 : libspdm_context_t *context;
136 : libspdm_session_info_t *session_info;
137 : size_t index;
138 :
139 1648 : if (session_id == INVALID_SESSION_ID) {
140 0 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_ERROR,
141 : "libspdm_get_session_info_via_session_id - Invalid session_id\n"));
142 0 : LIBSPDM_ASSERT(false);
143 0 : return NULL;
144 : }
145 :
146 1648 : context = spdm_context;
147 :
148 1648 : session_info = (libspdm_session_info_t *)context->session_info;
149 1649 : for (index = 0; index < LIBSPDM_MAX_SESSION_COUNT; index++) {
150 1649 : if (session_info[index].session_id == session_id) {
151 1648 : return &session_info[index];
152 : }
153 : }
154 :
155 0 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_ERROR,
156 : "libspdm_get_session_info_via_session_id - not found session_id\n"));
157 0 : return NULL;
158 : }
159 :
160 845 : void *libspdm_get_secured_message_context_via_session_id(void *spdm_context, uint32_t session_id)
161 : {
162 : libspdm_session_info_t *session_info;
163 :
164 845 : session_info = libspdm_get_session_info_via_session_id(spdm_context, session_id);
165 845 : if (session_info == NULL) {
166 0 : return NULL;
167 : } else {
168 845 : return session_info->secured_message_context;
169 : }
170 : }
171 :
172 0 : void *libspdm_get_secured_message_context_via_session_info(void *spdm_session_info)
173 : {
174 : libspdm_session_info_t *session_info;
175 :
176 0 : session_info = spdm_session_info;
177 0 : if (session_info == NULL) {
178 0 : return NULL;
179 : } else {
180 0 : return session_info->secured_message_context;
181 : }
182 : }
183 :
184 84 : uint32_t libspdm_generate_session_id(uint16_t req_session_id, uint16_t rsp_session_id)
185 : {
186 : uint32_t session_id;
187 84 : session_id = (rsp_session_id << 16) | req_session_id;
188 84 : return session_id;
189 : }
190 :
191 84 : libspdm_session_info_t *libspdm_assign_session_id(libspdm_context_t *spdm_context,
192 : uint32_t session_id,
193 : spdm_version_number_t secured_message_version,
194 : bool use_psk)
195 : {
196 : libspdm_session_info_t *session_info;
197 : size_t index;
198 :
199 84 : if (session_id == INVALID_SESSION_ID) {
200 0 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_ERROR, "libspdm_assign_session_id - Invalid session_id\n"));
201 0 : LIBSPDM_ASSERT(false);
202 0 : return NULL;
203 : }
204 :
205 84 : session_info = spdm_context->session_info;
206 :
207 420 : for (index = 0; index < LIBSPDM_MAX_SESSION_COUNT; index++) {
208 336 : if (session_info[index].session_id == session_id) {
209 0 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_ERROR,
210 : "libspdm_assign_session_id - Duplicated session_id\n"));
211 0 : LIBSPDM_ASSERT(false);
212 0 : return NULL;
213 : }
214 : }
215 :
216 130 : for (index = 0; index < LIBSPDM_MAX_SESSION_COUNT; index++) {
217 130 : if (session_info[index].session_id == INVALID_SESSION_ID) {
218 84 : libspdm_session_info_init(spdm_context,
219 84 : &session_info[index], session_id, secured_message_version,
220 : use_psk);
221 84 : spdm_context->latest_session_id = session_id;
222 84 : return &session_info[index];
223 : }
224 : }
225 :
226 0 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_ERROR, "libspdm_assign_session_id - MAX session_id\n"));
227 0 : return NULL;
228 : }
229 :
230 112 : void libspdm_free_session_id(libspdm_context_t *spdm_context, uint32_t session_id)
231 : {
232 : libspdm_session_info_t *session_info;
233 : size_t index;
234 :
235 112 : if (session_id == INVALID_SESSION_ID) {
236 0 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_ERROR, "libspdm_free_session_id - Invalid session_id\n"));
237 0 : LIBSPDM_ASSERT(false);
238 0 : return;
239 : }
240 :
241 112 : if (spdm_context->latest_session_id == session_id) {
242 42 : spdm_context->latest_session_id = INVALID_SESSION_ID;
243 : }
244 :
245 112 : session_info = spdm_context->session_info;
246 114 : for (index = 0; index < LIBSPDM_MAX_SESSION_COUNT; index++) {
247 114 : if (session_info[index].session_id == session_id) {
248 112 : libspdm_session_info_init(spdm_context,
249 112 : &session_info[index],
250 : INVALID_SESSION_ID, 0,
251 112 : session_info[index].use_psk);
252 112 : return;
253 : }
254 : }
255 :
256 0 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_ERROR, "libspdm_free_session_id - MAX session_id\n"));
257 0 : LIBSPDM_ASSERT(false);
258 : }
|
